Need Help With Script | Encryption



  • Hello
    I tried to make config of some site but i failed because i could not send Script properly.
    Site uses script which changes inputted password in password box once i click on login button and sends new changed password in POST Request.
    In browser i used this login credentials

    user123:password123
    

    But in post request it appears like this

    user123:33de3524dbae4574
    

    it's not base 64 encode.


  • Donator

    @sabbirgf2 said in Need Help With Script | Encryption:

    Site uses script which changes inputted password

    if you know that the site uses a script to change the password? why dont you check out the script to see how your password got encrypted or post the script here if you do not understand it i can take a look at it but im no expert.



  • @Itamai idk but it might help

    Secure Protocol: Tls12
    Cipher: Aes256 256bits
    Hash Algorithm: Sha384 ?bits
    Key Exchange: ECDHE_RSA (0xae06) 256bits
    
    [Serial Number]
      3C0CE171C87CACAC
    
    [Not Before]
      15-Jul-19 3:47:23 PM
    
    [Not After]
      12-Aug-21 8:01:24 PM
    
    [Thumbprint]
      897A4977428C364081233D22747296FF6332A453
    

  • Donator

    @sabbirgf2 sry thats not helping. check the javascripts which are loaded you should find the encryption method there



  • @Itamai said in Need Help With Script | Encryption:

    @sabbirgf2 sry thats not helping. check the javascripts which are loaded you should find the encryption method there

    @Itamai, I Posted the Script here, instead to open a new Question, asking how I can replicate the Code area selected using Function Block or doing a LoliScript implementation of course I don't understand how the Select area work 🙂 . Sorry @sabbirgf2 to Posted my request on yours, if I need to remove it and open my own let me know

    I can't post the whole source on a single piece too big if more info is needed please let me know

    var HASH_FUNCTIONS={COLP_HASH:function(a){var h=Cryptography.base64EncodeWordArray(Cryptography.hash("MD5",Cryptography.stringToUtf8WordArray(a.getPassword()),null,1)),h=Cryptography.stringToUtf8WordArray(a.getSalt().concat(h));a.setPasswordHash(Cryptography.hash("MD5",h,null,1))},DISTRIBUTED_HASH:function(a){var h=Cryptography.stringToUtf8WordArray(a.getSalt()+a.getPassword()),h=Cryptography.hash("SHA256",h,null,a.iterations);a.setPasswordHash(h);a=a.getNewSalt()==a.getSalt()?h:Cryptography.hash("SHA256",
    Cryptography.stringToUtf8WordArray(a.getNewSalt()+a.getPassword()),null,a.iterations);$("#newPasswordHash").data("hash",a)},NSL_HASH:function(a){var h=Cryptography.base64DecodeWordArray(decodeURIComponent(a.getSalt())),l=Cryptography.stringToUtf8WordArray(a.getGuid()),f=Cryptography.stringToUtf8WordArray(a.getPassword());a.setPasswordHash(Cryptography.hash("SHA512",h.concat(l).concat(f),null,20002))},SYM_ACCOUNT_HASH:function(a){var h=Cryptography.hash("SHA1",Cryptography.stringToUtf8WordArray(a.getPassword()),
    null,1);a.setPasswordHash("{SHA}"+Cryptography.base64EncodeWordArray(h))},SSHA_HASH:function(a){var h=Cryptography.base64DecodeWordArray(decodeURIComponent(a.getSalt())),l=Cryptography.hash("SHA1",Cryptography.stringToUtf8WordArray(a.getPassword()).concat(h),null,1);a.setPasswordHash("{SSHA}"+Cryptography.base64EncodeWordArray(l.concat(h)))}};
    function obfuscateFields(a){for(var h=a.data("obfuscatedFieldIds")||[],l=a.data("obfuscationKey"),f=0;f<h.length;f++){var d=$("#"+h[f]);if(0!=d.length){var c=d.data("hash")||d.val();"undefined"!=typeof c&&null!=c&&0!=c.length&&(c=c.constructor==String?Cryptography.stringToCodePointsByteArray(c):Cryptography.wordArrayToByteArray(c),c=Cryptography.obfuscateByteArray(c,l),d.removeAttr("name"),d=a.find("input[type='hidden'][name='"+h[f]+"']"),0==d.length?a.append("<input type='hidden' name='"+h[f]+"' value='"+
    c+"' />"):d.val(c))}}}
    


  • Could be LM or MySQL < version 4.1



  • @Br4uN Try to make php for encryption then use it as api for encryption.
    That's what i do!


Log in to reply